projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and
[openssl.git] / ssl / ssl_lib.c
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 2cd78c13ccef9524410c3a49abd53ca9e9ecd3a9..65a515753ec2678e1eebb166dc24d36c505f459b 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1366,6 +1366,10 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
        for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
                {
                c=sk_SSL_CIPHER_value(sk,i);
+               /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
+               if ((c->algorithm_ssl & SSL_TLSV1_2) && 
+                       (TLS1_get_version(s) < TLS1_2_VERSION))
+                       continue;
 #ifndef OPENSSL_NO_KRB5
                if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
                    nokrb5)
Unnamed repository; edit this file 'description' to name the repository.